Using Let’s Encrypt for SSL on your seedbox is a great way to have a valid certificate and avoid all the nag screens and exceptions that you have to jump through when dealing with self-signed certificates. Let’s Encrypt provides an easy way to obtain and install trusted certificates for absolutely no cost, other a couple of minutes of time.

Before we start, it is required that you have a valid domain name. Purchase one anywhere you like… they are not too expensive. You will then need to setup an A Record for the domain to point the IP of your seedbox towards. I would recommend CloudFlare… there are several reasons why CloudFlare is a good choice, but the biggest is that once again, it’s free.

In the near future, QuickBox will provide an option to donate to the Project any amount you like and we’ll hook you up on a subdomain, ie. myserver.quickbox.io. Obviously, there would be limitations to this method as someone could already have a subdomain, so we’ll sort those details as it plays out… for now, domains are relatively cheap.

Setup and install Let’s Encrypt

Option 1: Sever has its own Domain

1

2

3

4

apt-get-yinstall git

git clonehttps://github.com/letsencrypt/letsencrypt /opt/letsencrypt

cd/opt/letsencrypt

./letsencrypt-auto--apache-dyour_domain.com-dsub.your_domain.com

Replace your_domain.com and sub.your_domain.com with that of your actual domain. Subdomains are only needed if you are attaching your seedbox to another domain, ie; mybox.domain.com use Option 2.

Option 2: Server is on a Subdomain

1

2

3

4

apt-get-yinstall git

git clonehttps://github.com/letsencrypt/letsencrypt /opt/letsencrypt

cd/opt/letsencrypt

./letsencrypt-auto--apache-dsub.your_domain.com

? Heads Up!

You may receive a prompt asking which configuration file to use for Let’s Encrypt, it is important that you choose 000-default.conf and not default-ssl.conf. Choosing default-ssl.conf can and in most cases wipe the QiuckBox default-ssl.conf already in place, this results in needing to rebuild the apache configuration files.

Then setup auto-renewal of the ca-certificate

./letsencrypt-auto renew

Now add a crontab

sudo crontab-e

Enter the following:

302**1/opt/letsencrypt/letsencrypt-auto renew>>/var/log/le-renew.log

Save and exit.

This will create a new cron job that will execute the letsencrypt-auto renew command every Monday at 2:30 am. The output produced by the command will be piped to a log file located at /var/log/le-renewal.log.

Next, you will also need to change your DocumentRoot after you install let’sencrypt … The good news is you can do it with one string :